When | What |
---|---|
October 30th, 2015 | Donated by Nicolas Viennot |
Studies who have been using the data (in any form) are required to include the following reference:
@inproceedings{Fratantonio:2015:CCL:2786805.2786873,
author = {Fratantonio, Yanick and Machiry, Aravind and Bianchi, Antonio and Kruegel, Christopher and Vigna, Giovanni},
title = {CLAPP: Characterizing Loops in Android Applications},
booktitle = {Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering},
series = {ESEC/FSE 2015},
year = {2015},
isbn = {978-1-4503-3675-8},
location = {Bergamo, Italy},
pages = {687--697},
numpages = {11},
url = {http://doi.acm.org/10.1145/2786805.2786873},
doi = {10.1145/2786805.2786873},
acmid = {2786873},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {Android, Loop Analysis, Static Analysis},
}
app_id, title, developer_name, category, free, version_code, version_string, installation_size, downloads, star_rating, snapshot_date, metadata_url, apk_url
Although millions of users download and use third-party Android applications from the Google Play store, little information is known on an aggregated level about these applications. We have built PlayDrone, the first scalable Google Play store crawler, and used it to index and analyze over 1,100,000 applications in the Google Play store on a daily basis, the largest such index of Android applications. PlayDrone leverages various hacking techniques to circumvent Google’s roadblocks for indexing Google Play store content, and makes proprietary application sources available, including source code for over 880,000 free applications. We demonstrate the usefulness of PlayDrone in decompiling and analyzing application content by exploring four previously unaddressed issues: the characterization of Google Play application content at large scale and its evolution over time, library usage in applications and its impact on application portability, duplicative application content in Google Play, and the ineffectiveness of OAuth and related service authentication mechanisms resulting in malicious users being able to easily gain unauthorized access to user data and resources on Amazon Web Services and Facebook.